The provision of a lawful interception is a requirement of national law, which is usually mandatory. From time to time, a network operator and/or a service provider will be required, according to a lawful authorization, to make available results of interception relating to specific identities to a specific intercepting authority or Law Enforcement Agency (LEA).
There are various aspects of interception. The respective national law describes under what conditions and with what restrictions interception is allowed. If an LEA wishes to use lawful interception as a tool, it will ask a prosecuting judge or other responsible body for a lawful authorization, such as a warrant. If the lawful authorization is granted, the LEA will present the lawful authorization to an access provider which provides access from a user's terminal to that network, to the network operator, or to the service provider via an administrative interface or procedure. When a lawful interception is authorized, an Intercept Related Information (IRI) and the content of the corresponding communication is delivered to the LEA.
In particular, the lawful authorization may describe the IRI and the content of the communication that are allowed to be delivered for this LEA, investigation, period and interception subject. For different LEAs and for different investigations, different constrains can apply that further limit the general borders set by the law. The interception subject may also be described in different ways in a lawful authorization, e.g. subscriber address, physical address, services etc.
Such a lawful interception functionality is also needed in the packet switched part of new mobile data networks such as the GPRS and the UMTS.
Lawful interception is based on an EU Council resolution, which concerns all telecommunications systems, not only mobile ones. The European Telecommunications Standards Institute (ETSI) has defined further technical requirements. These requirements define three interfaces:
X1: administrative tasks (may be on paper or fax)
X2: network signaling (near real time)
X3: intercepted user data (near real time)
The interface X1 carries interception requests, authorization documents, encryption keys and the like. The exact definitions of the three interfaces are left to local legislation and authorities.
Several approaches have been proposed so far. According to a hub approach, a hub is added to the GPRS backbone, such that all sessions will pass through the hub. The benefit of the system is that the SGSN (Serving GPRS Support Node) and the GGSN (Gateway GPRS Support Node) does not have to know anything about the lawful interception functionality. The hub consists of a pseudo GGSN interface and a pseudo SGSN interface, between which a Lawful Interception Node (LIN) is arranged.
However, a drawback of this approach is scalability. The LIN must be able to process all data packets in the backbone. Moreover, it constitutes a single point of failure. If the LIN crashes, the whole network will halt. Therefore, the LIN will be very expensive, probably the most expensive element in the whole network.
FIG. 1 shows a principle block diagram of another so-called SGSN/GGSN approach, where the whole interception function is integrated into a combined SGSN/GGSN element. Every physical SGSN/GGSN element is linked by an own X1 interface to an administrative function.
According to FIG. 1, the access method for delivering a GPRS interception information is based on a duplication of packets transmitted from an intercepted subscriber via the SGSN/GGSN element to another party. The duplicated packets are sent to a delivery function for delivering the corresponding IRI and content of communication to the LEA.
If there are several SGSN/GGSN elements, this system does not have a single point of failure. Moreover, it is scalable in the sense that new lawful interception capacity can be installed with every addition of new SGSN/GGSN elements to the backbone. However, with every installation of new SGSN/GGSN elements, new interfaces to the administrative function are required and there is no natural growth path to the UMTS.